Open quentinbaradat opened 10 months ago
Hi,
Using the
$ sudo iptables -A PREROUTING -t mangle -p tcp -i eth0 -j TPROXY --on-port 5000 --tproxy-mark 1
command produced no errors on an Ubuntu 22.04 VM, and reading back the mangle table showed the rule being properly applied:
$ sudo iptables -t mangle -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
TPROXY tcp -- anywhere anywhere TPROXY redirect 0.0.0.0:5000 mark 0x1/0xffffffff
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
What error are you trying to bypass by using iptables-legacy?
According to the Readme.md file, PEPsal is supported for Ubuntu 14.04 & 16.04.
However, while trying to use it on an Ubuntu 22.04, I faced an error related to the use of the TPROXY iptables feature.
It seems that as of this version "iptables-legacy" has migrated to "iptables netfilter". And the TPROXY feature version doesn't work properly using iptables netfilter.
The only solution I found is to use the iptables-legacy bin: